No traffic allowed between L2TP/IPsec and LAN
I'm new to the pfSense world and unfortunately, due to hardware limitations, my router runs version 2.3.5-p2 (it's 32-bit).
OTOH I'm not new to the networking world. Maybe rusty... Anyway...
Recently I created this router to have a VPN, so some suppliers could access our system in some VMs. To avoid software installation and certificate generation, I decided to use L2TP with IPsec.
I followed the Netgate "manual" and, not to my surprise, I could establish the VPN tunnel. (My ISP might be blocking something, but I can establish it when directly connected to the router.)
Both sides can ping each other. LAN is 192.168.1.0/24 and L2TP users 192.168.255.128/25.
From LAN I can reach L2TP users, so far with no problems. But when I try to reach from L2TP to LAN, the traffic response is blocked. Like this:
Aug 6 18:53:22 ► l2tp0 192.168.1.102:80 192.168.255.185:52222 TCP:SA
Aug 6 18:53:22 ► l2tp0 192.168.1.102:80 192.168.255.185:52221 TCP:SA
Aug 6 18:53:22 ► l2tp0 192.168.1.102:80 192.168.255.185:52220 TCP:SA
But I'm copying some files from 192.168.255.185, using SMB.
I tried to add a new rule based on this block by clicking the + icon, and it says "Invalid interface for pass rule: " and nothing else. Sounds reasonable, since it's a virtual interface for VPN.
Not to mention it's also blocking responses from the web, obviously. (But this is not my priority.)
I'm pretty sure I'm missing something, but what?
Internet from LAN doesn't seem OK either, even though it works. Hard to explain, but, for example, I couldn't post pictures here (I got a server error), and from the hotel now it worked.
I'd really appreciate it if someone could help.
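The three blocked entries in the post all carry TCP flags SA on l2tp0: they are SYN-ACK replies from the LAN host, which a stateful firewall only logs as blocked when it holds no state for the connection they answer. The script below is an added example, not from this thread or from pfSense; it parses lines laid out like the quoted log view (constructed sample lines, with "block"/"pass" written in place of the icon), sorts blocked entries into "reply without matching state" versus "new connection", and tags the direction using the LAN and L2TP subnets the post gives. The log layout and the column order are assumptions made for the example.

```python
import ipaddress
import re
from collections import Counter

LAN_NET = ipaddress.ip_network("192.168.1.0/24")        # LAN subnet from the post
L2TP_NET = ipaddress.ip_network("192.168.255.128/25")   # L2TP client subnet from the post

# Constructed sample lines in the assumed layout:
# month day time action interface src:port dst:port proto:flags
SAMPLE_LOG = """\
Aug 6 18:53:22 block l2tp0 192.168.1.102:80 192.168.255.185:52222 TCP:SA
Aug 6 18:53:22 block l2tp0 192.168.1.102:80 192.168.255.185:52221 TCP:SA
Aug 6 18:53:22 block l2tp0 192.168.1.102:80 192.168.255.185:52220 TCP:SA
Aug 6 18:53:30 block l2tp0 192.168.255.185:52300 192.168.1.102:445 TCP:S
Aug 6 18:53:31 pass lan 192.168.1.50:51000 192.168.255.185:445 TCP:S
"""

LINE_RE = re.compile(
    r"^(?P<mon>\w{3}) +(?P<day>\d{1,2}) +(?P<time>\d\d:\d\d:\d\d) +"
    r"(?P<action>block|pass) +(?P<iface>\S+) +"
    r"(?P<src>[\d.]+):(?P<sport>\d+) +(?P<dst>[\d.]+):(?P<dport>\d+) +"
    r"(?P<proto>[A-Z]+)(?::(?P<flags>[A-Z]*))?$"
)


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["sport"] = int(entry["sport"])
    entry["dport"] = int(entry["dport"])
    entry["flags"] = entry["flags"] or ""
    return entry


def direction(entry):
    """Label the flow by which of the two known subnets the endpoints fall in."""
    src = ipaddress.ip_address(entry["src"])
    dst = ipaddress.ip_address(entry["dst"])
    if src in LAN_NET and dst in L2TP_NET:
        return "lan->l2tp"
    if src in L2TP_NET and dst in LAN_NET:
        return "l2tp->lan"
    return "other"


def classify(entry):
    """Say what a blocked entry represents; passed entries are reported as such."""
    if entry["action"] != "block":
        return "passed"
    flags = set(entry["flags"])
    if entry["proto"] == "TCP" and {"S", "A"} <= flags:
        # A SYN-ACK is the server's answer to a handshake. A stateful firewall
        # blocks it only when it has no state for that connection, so the
        # original SYN never created state on this interface.
        return "blocked-reply-without-state"
    if entry["proto"] == "TCP" and flags == {"S"}:
        # A bare SYN is a new connection attempt hitting a deny rule.
        return "blocked-new-connection"
    return "blocked-other"


def summarize(log_text):
    """Count entries by (interface, direction, category)."""
    counts = Counter()
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        counts[(entry["iface"], direction(entry), classify(entry))] += 1
    return counts


if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:3d}  iface={key[0]:6s} {key[1]:10s} {key[2]}")
```

Running it on the sample prints three "blocked-reply-without-state" entries on l2tp0 in the lan->l2tp direction, which is the pattern in the post: the L2TP client's SYN reached the LAN host, but the reply is being evaluated on l2tp0 without a matching state. That distinguishes a missing or misplaced pass rule for the L2TP interface from a plain deny of new connections, which would show up as blocked bare SYNs instead.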
humaxoid
L2TP VPN: try changing the destination from * to LAN net.
Thanks for the idea.
But my ISP had serious problems with ISAKMP through their router, so I migrated to OpenVPN.